CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-29974

** UNSUPPORTED WHEN ASSIGNED ** The remote code execution vulnerability in the CGI program “file_upload-cgi” in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an unauthenticated attacker to execute arbitrary code by uploading a crafted configuration file to a vulnerable device.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.548

EPSS Ranking 97.9%

CVSS Severity

CVSS v3 Score 9.8

References

Products affected by CVE-2024-29974

Zyxel » Nas326 » Version: N/A

cpe:2.3:h:zyxel:nas326:-
Zyxel » Nas542 » Version: N/A

cpe:2.3:h:zyxel:nas542:-
Zyxel » Nas326 Firmware » Version: N/A

cpe:2.3:o:zyxel:nas326_firmware:-
Zyxel » Nas326 Firmware » Version: 5.21

cpe:2.3:o:zyxel:nas326_firmware:5.21
Zyxel » Nas326 Firmware » Version: 5.21(aazf.12)c0

cpe:2.3:o:zyxel:nas326_firmware:5.21(aazf.12)c0
Zyxel » Nas326 Firmware » Version: 5.21(aazf.13)c0

cpe:2.3:o:zyxel:nas326_firmware:5.21(aazf.13)c0
Zyxel » Nas326 Firmware » Version: 5.21(aazf.14)c0

cpe:2.3:o:zyxel:nas326_firmware:5.21(aazf.14)c0
Zyxel » Nas326 Firmware » Version: 5.21(aazf.16)c0

cpe:2.3:o:zyxel:nas326_firmware:5.21(aazf.16)c0
Zyxel » Nas326 Firmware » Version: 5.21(aazf.7)c0

cpe:2.3:o:zyxel:nas326_firmware:5.21(aazf.7)c0
Zyxel » Nas542 Firmware » Version: N/A

cpe:2.3:o:zyxel:nas542_firmware:-
Zyxel » Nas542 Firmware » Version: 5.21(abag.10)c0

cpe:2.3:o:zyxel:nas542_firmware:5.21(abag.10)c0
Zyxel » Nas542 Firmware » Version: 5.21(abag.11)c0

cpe:2.3:o:zyxel:nas542_firmware:5.21(abag.11)c0
Zyxel » Nas542 Firmware » Version: 5.21(abag.13)c0

cpe:2.3:o:zyxel:nas542_firmware:5.21(abag.13)c0
Zyxel » Nas542 Firmware » Version: 5.21(abag.4)c0

cpe:2.3:o:zyxel:nas542_firmware:5.21(abag.4)c0
Zyxel » Nas542 Firmware » Version: 5.21(abag.9)c0

cpe:2.3:o:zyxel:nas542_firmware:5.21(abag.9)c0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-29974

Products

Pricing

Contact Us